wpetit/hydra-passwordless
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Basic email sending

Browse Source
This commit is contained in:
wpetit
2020-04-24 09:27:07 +02:00
parent d65a7248d1
commit 81778121fb
18 changed files with 757 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

101
internal/hydra/client.go
View File

@ -1,25 +1,72 @@
package hydra
import (
"bytes"
"encoding/json"
"net/http"
"net/url"
"time"
"github.com/pkg/errors"
)
type Client struct {
baseURL string
baseURL *url.URL
http *http.Client
}
func (c *Client) LoginRequest(challenge string) (*LoginResponse, error) {
return nil, nil
u := fromURL(*c.baseURL, "/oauth2/auth/requests/login", url.Values{
"login_challenge": []string{challenge},
})
res, err := c.http.Get(u)
if err != nil {
return nil, errors.Wrap(err, "could not retrieve login response")
}
if res.StatusCode < http.StatusOK || res.StatusCode >= http.StatusBadRequest {
return nil, errors.Wrapf(ErrUnexpectedHydraResponse, "hydra responded with status code '%d'", res.StatusCode)
}
defer res.Body.Close()
decoder := json.NewDecoder(res.Body)
loginRes := &LoginResponse{}
if err := decoder.Decode(loginRes); err != nil {
return nil, errors.Wrap(err, "could not decode json response")
}
return loginRes, nil
}
func (c *Client) Accept(challenge string) (*AcceptResponse, error) {
return nil, nil
func (c *Client) AcceptRequest(challenge string, req *AcceptRequest) (*AcceptResponse, error) {
u := fromURL(*c.baseURL, "/oauth2/auth/requests/accept", url.Values{
"login_challenge": []string{challenge},
})
res := &AcceptResponse{}
if err := c.putJSON(u, req, res); err != nil {
return nil, err
}
return res, nil
}
func (c *Client) RejectRequest(challenge string) (*RejectResponse, error) {
return nil, nil
func (c *Client) RejectRequest(challenge string, req *RejectRequest) (*RejectResponse, error) {
u := fromURL(*c.baseURL, "/oauth2/auth/requests/reject", url.Values{
"login_challenge": []string{challenge},
})
res := &RejectResponse{}
if err := c.putJSON(u, req, res); err != nil {
return nil, err
}
return res, nil
}
func (c *Client) LogoutRequest(challenge string) (*LogoutResponse, error) {
@ -51,7 +98,47 @@ func (c *Client) challenge(r *http.Request, name string) (string, error) {
return challenge, nil
}
func NewClient(baseURL string, httpTimeout time.Duration) *Client {
func (c *Client) putJSON(u string, payload interface{}, result interface{}) error {
var buf bytes.Buffer
encoder := json.NewEncoder(&buf)
if err := encoder.Encode(payload); err != nil {
return errors.Wrap(err, "could not encode request body")
}
req, err := http.NewRequest("PUT", u, &buf)
if err != nil {
return errors.Wrap(err, "could not create request")
}
res, err := c.http.Do(req)
if err != nil {
return errors.Wrap(err, "could not retrieve login response")
}
if res.StatusCode < http.StatusOK || res.StatusCode >= http.StatusBadRequest {
return errors.Wrapf(ErrUnexpectedHydraResponse, "hydra responded with status code '%d'", res.StatusCode)
}
defer res.Body.Close()
decoder := json.NewDecoder(res.Body)
if err := decoder.Decode(result); err != nil {
return errors.Wrap(err, "could not decode json response")
}
return nil
}
func fromURL(url url.URL, path string, query url.Values) string {
url.Path = path
url.RawQuery = query.Encode()
return url.String()
}
func NewClient(baseURL *url.URL, httpTimeout time.Duration) *Client {
return &Client{
baseURL: baseURL,
http: &http.Client{

3
internal/hydra/error.go
View File

@ -3,5 +3,6 @@ package hydra
import "errors"
var (
ErrChallengeNotFound = errors.New("challenge not found")
ErrUnexpectedHydraResponse = errors.New("unexpected hydra response")
ErrChallengeNotFound = errors.New("challenge not found")
)

17
internal/hydra/provider.go
View File

@ -1,15 +1,30 @@
package hydra
import (
"net/url"
"time"
"github.com/pkg/errors"
"gitlab.com/wpetit/goweb/service"
)
func ServiceProvider(baseURL string, httpTimeout time.Duration) service.Provider {
func ServiceProvider(rawBaseURL string, httpTimeout time.Duration) service.Provider {
var (
baseURL *url.URL
err error
)
baseURL, err = url.Parse(rawBaseURL)
if err != nil {
err = errors.Wrap(err, "could not parse base url")
}
client := NewClient(baseURL, httpTimeout)
return func(ctn *service.Container) (interface{}, error) {
if err != nil {
return nil, err
}
return client, nil
}
}

13
internal/hydra/request.go Normal file
View File

@ -0,0 +1,13 @@
package hydra
type AcceptRequest struct {
Subject string `json:"subject"`
Remember bool `json:"remember"`
RememberFor int `json:"remember_for"`
ACR string `json:"acr"`
}
type RejectRequest struct {
Error string `json:"error"`
ErrorDescription string `json:"error_description"`
}

57
internal/hydra/response.go
View File

@ -1,12 +1,69 @@
package hydra
import "time"
// https://www.ory.sh/hydra/docs/reference/api#get-a-login-request
type ClientResponseFragment struct {
AllowCORSOrigins []string `json:"allowed_cors_origins"`
Audience []string `json:"audience"`
BackChannelLogoutSessionRequired bool `json:"backchannel_logout_session_required"`
BackChannelLogoutURI string `json:"backchannel_logout_uri"`
ClientID string `json:"client_id"`
ClientName string `json:"client_name"`
ClientSecret string `json:"client_secret"`
ClientSecretExpiresAt int `json:"client_secret_expires_at"`
ClientURI string `json:"client_uri"`
Contacts []string `json:"contacts"`
CreatedAt time.Time `json:"created_at"`
FrontChannelLogoutSessionRequired bool `json:"frontchannel_logout_session_required"`
FrontChannelLogoutURL string `json:"frontchannel_logout_uri"`
GrantTypes []string `json:"grant_types"`
JWKS map[string]interface{} `json:"jwks"`
JwksURI string `json:"jwks_uri"`
LogoURI string `json:"logo_uri"`
Metadata map[string]interface{} `json:"metadata"`
Owner string `json:"owner"`
PolicyURI string `json:"policy_uri"`
PostLogoutRedirectURIs []string `json:"post_logout_redirect_uris"`
RedirectURIs []string `json:"redirect_uris"`
RequestObjectSigningAlg string `json:"request_object_signing_alg"`
RequestURIs []string `json:"request_uris"`
ResponseTypes []string `json:"response_types"`
Scope string `json:"scope"`
SectorIdentifierURI string `json:"sector_identifier_uri"`
SubjectType string `json:"subject_type"`
TokenEndpointAuthMethod string `json:"token_endpoint_auth_method"`
TosURI string `json:"tos_uri"`
UpdatedAt time.Time `json:"updated_at"`
UserInfoSignedResponseAlg string `json:"userinfo_signed_response_alg"`
}
type OidcContextResponseFragment struct {
ACRValues []string `json:"acr_values"`
Display string `json:"display"`
IDTokenHintClaims map[string]interface{} `json:"id_token_hint_claims"`
LoginHint string `json:"login_hint"`
UILocales []string `json:"ui_locales"`
}
type LoginResponse struct {
Challenge string `json:"challenge"`
Skip bool `json:"skip"`
Subject string `json:"subject"`
Client ClientResponseFragment `json:"client"`
RequestURL string `json:"request_url"`
RequestedScope []string `json:"requested_scope"`
OidcContext OidcContextResponseFragment `json:"oidc_context"`
RequestedAccessTokenAudience string `json:"requested_access_token_audience"`
SessionID string `json:"session_id"`
}
type AcceptResponse struct {
}
type RejectResponse struct {
RedirectTo string `json:"redirect_to"`
}
type LogoutResponse struct {